CompTIA CASP+ (CAS-004) — Question 582

A managed security provider (MSP) is engaging with a customer who was working through a complete digital transformation. Part of this transformation involves a move to cloud servers to ensure a scalable, high-performance, online user experience. The current architecture includes:

• Directory servers
• Web servers
• Database servers
• Load balancers
• Cloud-native VPN concentrator
• Remote access server

The MSP must secure this environment similarly to the infrastructure on premises. Which of the following should the MSP put in place to BEST meet this objective? (Choose three.)

Answer options

• A. Content delivery network
• B. Virtual next-generation firewall
• C. Web application firewall
• D. Software-defined WAN
• E. External vulnerability scans
• F. Containers

Correct answer: B, C, E

Explanation

The correct answers, B (Virtual next-generation firewall), C (Web application firewall), and E (External vulnerability scans), are essential for securing cloud environments by providing advanced threat protection, application-level security, and continuous vulnerability assessment. Options A (Content delivery network) and D (Software-defined WAN) do not directly enhance security, while F (Containers) do not specifically address the security needs of the existing architecture.